VIR Vulnerability Intelligence Relay

Search

Found 5,165 results in 1619ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2022-3140 medium 5.5 FIX arch arch rhel rocky 3y ago LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In th…
CVE-2022-31197 medium 5.5 FIX rhel slesdebian debian 3y ago Moderate: postgresql-jdbc security update
CVE-2022-2953 medium 5.5 FIX arch arch rhelalmalinux almalinux 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2880 medium 5.5 FIX rhel rocky sles 3y ago Moderate: container-tools:rhel8 security update
CVE-2022-2879 medium 5.5 FIX rhel rocky sles 3y ago Moderate: container-tools:rhel8 security update
CVE-2022-27664 medium 5.5 FIX rocky rhel sles 3y ago Moderate: grafana-pcp security and enhancement update
CVE-2022-26307 medium 5.5 FIX arch arch rhel rocky 3y ago LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in Lib…
CVE-2022-26306 medium 5.5 FIX arch arch rhel rocky 3y ago LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in Lib…
CVE-2022-26305 medium 5.5 FIX arch arch rhel rocky 3y ago An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of th…
CVE-2022-2521 medium 5.5 FIX arch arch rhelalmalinux almalinux 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2520 medium 5.5 FIX arch arch rhelalmalinux almalinux 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2519 medium 5.5 FIX arch arch rhelalmalinux almalinux 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2058 medium 5.5 FIX arch arch rhelalmalinux almalinux 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2057 medium 5.5 FIX arch arch rhel rocky 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2056 medium 5.5 FIX arch arch rhel rocky 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2021-46848 medium 5.5 FIX rhel rocky sles 3y ago RHSA-2023:0116: libtasn1 security update (Moderate)
CVE-2021-44906 medium 5.5 FIX rhel sles rocky 3y ago RHSA-2023:0050: nodejs:14 security, bug fix, and enhancement update (Moderate)
CVE-2019-25058 medium 5.5 FIX rhel sles rocky 3y ago RHSA-2023:0087: usbguard security update (Moderate)
CVE-2022-4144 medium 5.5 FIX rocky slesdebian debian 3y ago An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, poten…
CVE-2022-2869 medium 5.5 FIX arch arch rocky sles 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2868 medium 5.5 FIX arch arch rocky sles 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2022-2867 medium 5.5 FIX arch arch rocky sles 3y ago RHSA-2023:0095: libtiff security update (Moderate)
CVE-2023-21538 medium 5.5 rhel rocky 3y ago RHSA-2023:0079: .NET 6.0 security, bug fix, and enhancement update (Moderate)
CVE-2022-43548 medium 5.5 FIX rhel rocky sles 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update
CVE-2022-3517 medium 5.5 FIX rhel rockydebian debian 4y ago Moderate: nodejs:18 security, bug fix, and enhancement update
CVE-2022-45442 medium 5.5 FIX rhel rocky sles 4y ago RHSA-2023:0855: pcs security update (Moderate)
CVE-2022-24999 medium 5.5 FIX rockydebian debian rhel 4y ago RHSA-2023:0050: nodejs:14 security, bug fix, and enhancement update (Moderate)
CVE-2021-33621 medium 5.5 FIX rhel rocky sles 4y ago RHSA-2024:3500: ruby:3.0 security update (Moderate)
CVE-2023-53181 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: Stop leaking on krealloc() failure Currently dma_resv_get_fences() will leak the previously allocated array if …
CVE-2023-4387 medium 5.5 FIX rhel slesdebian debian 4y ago A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to…
CVE-2023-28410 medium 5.5 FIX rhel slesdebian debian 4y ago Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially en…
CVE-2023-2008 medium 5.5 FIX rhel slesdebian debian 4y ago A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can re…
CVE-2022-50213 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID…
CVE-2022-50212 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table When doing lookups for chains on the same batch by using it…
CVE-2022-50187 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ath11k: fix netdev open race Make sure to allocate resources needed before registering the device. This specifically avoids havi…
CVE-2022-50179 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Syzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The problem wa…
CVE-2022-50178 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: 8852a: rfk: fix div 0 exception The DPK is a kind of RF calibration whose algorithm is to fine tune parameters and c…
CVE-2022-50115 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes We have sanity checks for byte controls and i…
CVE-2022-50092 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN…
CVE-2022-50085 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert…
CVE-2022-50084 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and ru…
CVE-2022-50030 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffe…
CVE-2022-50027 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe …
CVE-2022-49710 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses fin…
CVE-2022-49708 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: =============================================================…
CVE-2022-49707 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear res…
CVE-2022-49698 medium 5.5 FIX rhel slesdebian debian 4y ago Linux kernel (BlueField) vulnerabilities
CVE-2022-49697 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix request_sock leak in sk lookup helpers A customer reported a request_socket leak in a Calico cloud environment. We found…
CVE-2022-49695 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: igb: fix a use-after-free issue in igb_clean_tx_ring Fix the following use-after-free bug in igb_clean_tx_ring routine when the N…
CVE-2022-49673 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warni…
CVE-2022-49671 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() f…
CVE-2022-49669 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccept…
CVE-2022-49664 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: tipc: move bc link creation back to tipc_node_create Shuang Li reported a NULL pointer dereference crash: [] BUG: kernel NULL …
CVE-2022-49626 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being…
CVE-2022-49625 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efx_ef10_try_update_nic_stats_…
CVE-2022-49615 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe f…
CVE-2022-49606 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qos_mutex to process RoCEv2 QP's on netdev events causes a kernel splat…
CVE-2022-49605 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code (via commit 146740…
CVE-2022-49584 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is proces…
CVE-2022-49561 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb->_nfct and set…
CVE-2022-49559 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a trip…
CVE-2022-49557 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave) Set the starting uABI size of KVM's guest FPU to 'stru…
CVE-2022-49543 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition() When test device recovery with below command, it has warning i…
CVE-2022-49538 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access input_dev under mutex It is possible when using ASoC that input_dev is unregistered while calling snd_jack_rep…
CVE-2022-49537 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smp_processo…
CVE-2022-49536 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces …
CVE-2022-49534 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT There is a potential memory leak in lpfc_ignore_els_cmpl() and l…
CVE-2022-49531 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: loop: implement ->free_disk Ensure that the lo_device which is stored in the gendisk private data is valid until the gendisk is f…
CVE-2022-49515 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t The CS35L41_NUM_OTP_ELEM is 100, but only 99 entries are defin…
CVE-2022-49504 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external …
CVE-2022-49465 medium 5.5 FIX rhel slesdebian debian 4y ago Linux kernel (Azure) vulnerabilities
CVE-2022-49440 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Keep MSR[RI] set when calling RTAS RTAS runs in real mode (MSR[DR] and MSR[IR] unset) and in 32-bit big endian mode…
CVE-2022-49433 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdma_map_lock is in…
CVE-2022-49426 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free We currently call arm64_mm_context_put() without holding a reference to the mm, whic…
CVE-2022-49413 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup (or in case of writeback jus…
CVE-2022-49412 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two…
CVE-2022-49411 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgrou…
CVE-2022-49409 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ==============================================================…
CVE-2022-49408 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parse_apply_sb_mount_options() If processing the on-disk mount options fails after any memory was alloca…
CVE-2022-49404 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even…
CVE-2022-49398 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current it…
CVE-2022-49394 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgro…
CVE-2022-49389 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). When stub_probe() fails after tha…
CVE-2022-49378 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modpa…
CVE-2022-49374 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: tipc: check attribute length for bearer name syzbot reported uninit-value: ===================================================== …
CVE-2022-49349 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_rename_dir_prepare We got issue as follows: EXT4-fs (loop0): mounted filesystem without journal.…
CVE-2022-49348 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state The EXT4_FC_REPLAY bit in sbi->s_mount_state is used to ind…
CVE-2022-49347 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in ext4_writepages we got issue as follows: EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, …
CVE-2022-49343 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid cycles in directory h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a direct…
CVE-2022-49340 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ip_gre: test csum_start instead of transport header GRE with TUNNEL_CSUM will apply local checksum offload on CHECKSUM_PARTIAL pa…
CVE-2022-49334 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: Fix xarray node memory leak If xas_split_alloc() fails to allocate the necessary nodes to complete the xarray ent…
CVE-2022-49332 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Address NULL pointer dereference after starget_to_rport() Calls to starget_to_rport() may return NULL. Add check for…
CVE-2022-49325 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp->snd_cwnd We had various bugs over the years with code breaking the assumption that tp->snd_cwn…
CVE-2022-49306 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: host: Stop setting the ACPI companion It is no longer needed. The sysdev pointer is now used when assigning the ACPI c…
CVE-2022-49297 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for m…
CVE-2022-49292 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INT_MAX overflow at vmalloc() allocation that …
CVE-2022-49291 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hw_params and hw_free calls Currently we have neither proper check nor protection against t…
CVE-2022-49290 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: mac80211: fix potential double free on mesh join While commit 6a01afcf8468 ("mac80211: mesh: Free ie data when leaving mesh") fix…
CVE-2022-49288 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation chan…
CVE-2022-49272 medium 5.5 FIX rhel slesdebian debian 4y ago In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCM runtime->b…